Here is the list of old RT tickets that we are closing. We sent email to all of the originators, and it included the following text: If you still think it is important for us to consider, please open an issue on GitHub. Don't be shy! We are closing issues based purely on the date, and the fact that despite several passes through our RT tickets, we haven't closed them yet. 480 Support for local ip address binding for connect BIO's. 1052 openssl ca: generate subjectAltName from config 1416 [PATCH] display UPN if in subjectAltName 1425 Request: make X509_NAME_oneline() use same formatter as X509_NAME_print_ex() 1482 [PATCH] add "ciphertext stealing" support to the EVP library 1518 [PATCH] Securing private RSA keys 1927 [PATCH] openssl ocsp app to autodetect ocsp_uri and issuer 1928 interface bug on Windows 64 1975 [PATCH 13/14] Add support for CPU usage reporting. 2288 [PATCH] Support optional caching of the certificate chain when using external session caching 2298 Build failure on WinCE platform openssl-1.0.0 & 1.0.0a 2330 No debug-mingw build target. just mingw and ming64. 2365 Limitations of ENGINE interface hamper performance on modern hardware 2389 [PATCH] Supporting the -md and -sigopt options in OCSP utility 2408 Enhancement: Additions to timestamp support 2415 possible insignificant bugs in md_rand.c? 2436 pkcs12 enhancements 2463 [PATCH]: OpenSSL 1.0.0d: Add abbility to load server certificate by ENGINE. 2525 [PATCH] Enhancement: Output Format for req Keys 2552 [PATCH] add ability to print root certificate 'issuer' field when using openssl verify 2562 Adding cfi/fpo records to asm (fix backtrace when debugging) 2568 enhancement request: remove ECC engine support's limitation 2574 [PATCH] ECC point coordinate blinding 2582 [PATCH] Efficient and side channel analysis resistant 512-bit and 1024-bit modular exponentiation for optimizing RSA1024 and RSA2048 on x86_64 platforms") 2595 Capitalize X509 subject key STREET according to rfc1779 2599 Support for SHA256 and other MDs in X509 SubjectKeyIdentifier - PATCH 2601 Support for use of sha256 for certificate comparisons - PATCH 2617 pkeyutl fails depending on order of options - PATCH 2635 1/n-1 record splitting technique for CVE-2011-3389 2641 Move the libraries needed for static linking to Libs.private 2659 Problem with DH Exchange with the Oakley Groups (RFC 2412) 2665 s_client support for starttls ldap 2666 Enhancement request/Bug request (bit of both) 2752 objects.txt - update of extended key usage 2753 [PATCH] let application explicitly seed RNG on Unix 2754 Ugly interaction of (openssl x509)'s option -x509toreq with -outform/-text/-noout 2766 TLS 1.2 Compliance - IDEA cipher not disabled 2768 Bug: internal_verify() hides errors from callbacks after X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 2770 openssl cryptodev fixes 2784 [PATCH] Eefficient implementations of SHA256 and SHA512, using the Simultaneous Message Scheduling method 2787 [PATCH] enc: compress before compress/base64 is applied 2818 [PATCH] Cipher list TLSv1.2 as token; ciphers(1) update 2833 BIO_CTRL_DGRAM_QUERY_MTU handling is wrong due to bad getsockopt() use 2834 bug report: i2d(sign(10)) results in 2573 encoded 2850 [PATCH] Efficient and side channel analysis resistant 1024-bit modular exponentiation, for optimizing RSA2048 on AVX2 capable x86_64 platforms 2851 cms command - Request to handle S/MIME v3.2 mail 2868 [PATCH] CA - change order of gencrl and revoke 2873 -noemailDN only affects Subject DN 2878 [PATCH] s_client -fd 2880 Modification of the capi engine to support loading key from CERT_SYSTEM_STORE_LOCAL_MACHINE 2881 [PATCH] TLS 1 & 1.1 client ciphersuites incorrectly truncated 2884 bug in eng_cryptodev? 2886 openssl cms cmsout serial number output format 2902 [PATCH] add strings for SSL state related to Next Protocol Negotiation 2913 Incorrect salt length indication for RSA-PSS signatures 2924 X509_verify_cert() fails unsafe if check_issued() fails 2927 Domain names that exceed 61 characters 2933 Days wrong if -enddate is passed to openssl ca 2947 leap year date handling 2953 s_server to show connection duration and transfer speed 2957 genpkey for DH key generation does not honor recommended private length 2961 [PATCH] Enhance DH Paramgen to allow setting of "recommended private key size" 2965 [PATCH] dgst: Prepend digest type when reading from stdin, too 2976 openssl x509 is hardcoded to require CSR in PEM format 2987 "openssl speed" bug with the -multi option on multi-core/processor environments 2990 Bug Report:openssl timezone issue 2995 [PATCH] - Added ability to set the iteration count for the enc function of the openssl commandline tool. 3010 Dynamic engine error handling crash 3012 bug report - excess free 3015 Bug with encoding / decoding Implicitly tagged, Optional GENERAL_NAMEs?? 3032 Possible openssl bug - EVP_CIPHER_CTX_iv_length dont report correct value after EVP_CTRL_GCM_SET_IVLEN 3043 Bug Report d2i_PKCS8PrivateKey_bio() doesn't work for DH keys 3045 bug report: AES XTS fails for data unit size > 4KB 3050 x509 PEM certificate input parsing bug 3054 [PATCH] Efficient and side channel analysis resistant 1024-bit and 2048-bit modular exponentiation, optimizing RSA, DSA and DH of compatible sizes, for AVX2 capable x86_64 platforms 3056 Add secure DSA nonce flag. 3064 [PATCH] small_prime_generation 3069 An enhancement to EC key generation to enable compact point representation 3088 openssl crl - verify a CRL signature 3101 [PATCH] Add CMP (RFC 4210) implementation 3113 OpenSSL???s DH implementation uses an unnecessarily long exponent, leading to significant performance loss 3117 [PATCH] A fast vectorized implementation of binary elliptic curves on x86-64 processors 3135 Not all items displayed by list-cipher-commands are in OBJ_sn2nid() 3153 Native issetugid function not used under Solaris 3166 RE: Possible bug/leak in OpenSSL ssl/bio_ssl.c:ssl_ctrl(BIO_CTRL_POP) 3168 PKCS12 bug when using same file for export password and key passphrase 3183 SSL_set_SSL_CTX() should apply more settings from the SSL_CTX being switched to 3222 [PATCH] asn1,evp: Add delete functions for app methods 3226 [PATCH] crypto/srp/srp_lib.c: add/correct some error handling 3240 [PATCH] Efficient 1024-bit and 2048-bit modular exponentiation for AVX512 capable x86_64 processors 3256 [PATCH] RSA512+SHA512 incompatibility results in errors 3258 Enable large Discrete Logarithm Diffie-Hellman groups 3266 [PATCH] Add the SYSTEM cipher keyword 3276 Possible Bug/Opportunity for Improvement when loading ECDSA Key/Cert (Feature Request?) 3282 [PATCH] Fix PKCS8/PKCS12 EncryptedPrivateKeyInfo decryption when password is empty 3349 Bug report: X509_check_akid() identifies non-self-signed certificate as its own issuer 3391 [PATCH] NULL function pointer call in n_ssl3_mac (ssl/s3_enc.c) 3421 [PATCH] return appropriate error if RDRAND not available 3427 crypto/bio/b_print.c: 2 useless if conditions ? 3451 [PATCH] Validity period in hours for x509 3463 [PATCH] Add support of no_application_protocol alert in ALPN protocol selection 3464 openssl s_client waiting for input on Windows 3471 [PATCH] md5-asm-aarch64-29regs 3477 [PATCH] RFC3447 multi-prime RSA functionality and additional acceleration via AVX2 instructions 3491 Cert signing request verification false positive. 3502 nameConstraints bypass bug 3507 [PATCH] Fix memory leaks. 3513 bug report - 1.0.1i x509req challenge password 3514 BUG: openssl fails to downgrade tls protocol version during SSL handshake, when client tries to resume tls1.2 session 3517 Cipher suites should be case-insensitive 3518 Move RC4 and MD5 ciphers to LOW, post-1.0.2 3523 bug report: s_client writes to STDERR 3529 [PATCH] ASN1 generation: allow bit strings ending with zero regardless of length 3553 AES Key Wrapping with Inverse Functions 3555 OCSP Stapling Enhancement (diff included) 3561 bug report: openssl prints wrong pre_master secret in debug mode 3578 Bug report, verify using CApath not working any more 3590 [PATCH] Fast modular exponentiation with the new VPMADD52 instructions 3591 [PATCH v2] Implement Maximum Fragment Length Negotiation (RFC 4366). 3598 Windows Phone & OpenSSL. 3604 [PATCH] User can specify the public exponent in genrsa 3624 Unify SSL_CONF_* interface to be SSL_CONF_CTX_*, with patch against [master/33d5ba8] 3627 Enhancement request: add more "Protocol" options for SSL_CONF_CTX 3632 Enhancement request: CONF_modules_load_file(): please include filename in error message 3633 Enhancement request: CONF_modules_load_file(): please add a CONF_MFLAGS_LOAD_USER_FILE 3636 BIO_read() (enc_read()) with 0 length 3641 [PATCH] EC_KEY_generate always overwrites private key All OS 1.0.1j 3644 Encoding of EC private key is broken in all version 3648 BUG: Undefined behavior in easy_tls.c 3649 Unnecessary engine lookup in EVP_DigestInit_ex 3655 Inconsistency in d2i_SSL_SESSION 3659 BUG: EVP_DigestVerifyFinal does not take a const pointer 3660 Memory leak in s_server.c 3667 [PATCH] Faster GLV elliptic curves 3679 Memory leak in ssl_cert_dup (ssl/ssl_cert.c) 3681 function pointers in BIO set_callback 3697 Bug in s_client with loading of default certificates 3698 Bug: Ref count issue in SSL_new may cause a crash in SSL_free if REF_CHECK is defined 3702 openssl verify improvement 3712 TLS Renegotiation with Java is broken 3721 [PATCH] Additional checking of self-signed certificates 3729 [PATCH] Add support for iovec-based IO in OpenSSL 3736 [PATCH] fix parallel install with dir creation 3737 [PATCH] fix parallel generation of obj headers 3741 [PATCH] Better side-channel security for ECC table lookups 3743 [PATCH] Make it possible to only install libs 3746 -nameopt utf8 alone does not work , problem is tht crypto/asn1/a_strex.c returns -1 3748 do_name_ex in crypto/asn1/a_strex.c does not treat case 0 in XN_FLAG_SEP_MASK 3762 bug report: x509 -x509toreq does not copy extensions 3763 bug report: pkeyutl option order 3764 Missing message Alert on ssl23_get_server_hello negotiation failure 3765 Crash in PEM write functions with generated EC_KEY on Windows 3791 Problems configuring for OSX 10.8.5 (x86_64) 3794 Missing symbols for padlock_aes_block during link in Master 3797 [PATCH] evp: fix memory corruption on absent payload
